What's in This Chapter?
Evaluating access rights and security inheritance
Applying access rights with the Security Editor
Examining access rights with the Access Viewer
Understanding security domains, accounts, profiles, and roles
Integrating and extending the Sitecore security model
Sitecore provides a comprehensive security infrastructure that you can use to secure any item in any Sitecore database. This model uses concepts familiar to security administrators experienced with Windows domains, New Technology File System (NTFS), and Access Control Lists. Concepts of the Sitecore security infrastructure include:
After reading this chapter, you will have a greater understanding of the purpose of each access right, as well as of how Sitecore evaluates rights and inheritance.
You can use a number of techniques to integrate Sitecore with external security systems. The Sitecore security model uses the provider pattern, which lets you plug in alternate implementations for each component of the model. Sitecore supplies default ASP.NET security providers for authentication, user profile management, and role management. Sitecore provides optional modules that enable you to use Microsoft Dynamics Customer Relationship Management (CRM) and Active Directory (AD) for authentication. You can replace the default providers with these or with custom provider implementations that access external ...